Method and device for authenticating in safety channel establishing process as well as intelligent card and terminal

A secure channel and authentication technology, applied in the field of smart cards and terminals, can solve the problems of many illegal attacks and easy failure of security modules

Active Publication Date: 2013-01-02
CHINA MOBILE COMM GRP CO LTD
View PDF4 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0049] The embodiment of the present invention provides a method, device, smart card and terminal for authenticating when establishing a secure channel, so as to solve the problem in the prior art that the security module is subject to many illegal attacks and is prone to failure

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for authenticating in safety channel establishing process as well as intelligent card and terminal
  • Method and device for authenticating in safety channel establishing process as well as intelligent card and terminal
  • Method and device for authenticating in safety channel establishing process as well as intelligent card and terminal

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0073] Such as figure 2 As shown in FIG. 1 , it is a schematic diagram of the steps of the authentication method in Embodiment 1 of the present invention when establishing a secure channel. In Embodiment 1, the authentication process of the external device in the security domain is used as an example for illustration. The security module itself or in the security module The authentication process of the application program to the external device is the same as that of the security domain to the external device.

[0074] The method comprises the steps of:

[0075] Step 201: Receive authentication information.

[0076] In this step, when the external device communicates with a security domain in the security module figure 1 In the security channel initialization stage shown, after the external device passes the authentication of the security domain, it can send authentication information for establishing a security channel to the security domain in the manner of step 105 and ...

Embodiment 2

[0103] The second embodiment of the present invention uses a specific example to describe the solution of the first embodiment in detail, assuming that the solution of the second embodiment still takes the authentication of the external device by the security domain as an example.

[0104] In the scheme of the second embodiment, the maximum number of failures (i.e. the upper limit) of the security domain is Counter_max, and the lower limit of the security domain is Counter_min. In this embodiment, it is used to determine whether the security domain is attacked. The number of failures does not include the current authentication failure.

[0105] The scheme of this embodiment is as image 3 shown, including the following steps:

[0106] Step 301: Receive authentication information sent by an external device through an I / O interface.

[0107] Step 302: Analyze the authentication information to determine whether it is authentication information for establishing a secure channel,...

Embodiment 3

[0141] Embodiment 3 of the present invention provides a device for performing authentication when establishing a secure channel under the same inventive concept as Embodiment 1 and Embodiment 2, such as Figure 5 As shown, the device includes: an authentication module 11, a number of times determination module 12, a delay module 13 and a return module 14, wherein: the authentication module 11 is used to authenticate the authentication information used to establish a secure channel; the number of times The determination module 12 is used to determine the number of authentication failures that have occurred continuously when the authentication fails; the delay module 13 is used to extend the feedback authentication response when the determined number of authentication failures is greater than the lower limit and less than the upper limit. Duration of the message; the returning module 14 is configured to return an authentication failure response message according to the extended d...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and a device for authenticating in a safety channel establishing process as well as an intelligent card and a terminal. The main content is as follows: when a safety module is illegally attacked (namely the continuously-appearing authentication failure times reach the pre-set lower limiting value and do not reach the upper limiting value), a manner of prolonging the time of responding message by feedback authentication is used for delaying to return an authentication failure response message to peripheral equipment, so that the peripheral equipment responds too slowly via the safety module, a problem in connection appears and the attack is stopped, or the attack is stopped as the delaying time is longer than the time delay capable of being tolerated by the peripheral equipment, so as to reduce the attack to the safety module under the condition that the safety module is not out of work, and improve the safety of the safety module.

Description

technical field [0001] The invention relates to the field of communication, in particular to a method, device, smart card and terminal for performing authentication when establishing a safe channel. Background technique [0002] With the development and popularization of mobile communication services, especially in the 3G era, mobile terminals are evolving from conventional communication devices to handheld multifunctional terminals integrating communication, identity representation, and e-commerce services (such as electronic payment). Since the mobile terminal often needs to exchange information with external devices (such as a card reader or a network platform on the network side), the security of the mobile terminal itself is also facing more and more threats. For example, the card reader or network service platform illegally accesses the private data inside the mobile terminal through radio frequency or wireless communication, and illegally modifies the internal applica...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04W12/06H04W88/02
Inventor 李琳任晓明乐祖晖
Owner CHINA MOBILE COMM GRP CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap